HomeSecurity

DDoS Attack

Vangie Beal
Vangie Beal
Updated on:

What is a DDoS Attack?

A Distributed Denial of Service (DDoS) is a type of DoS attack in which multiple compromised systems are used to target a single system. These types of attacks can cause significant, widespread damage because they usually impact the entire infrastructure and create disruptive, expensive downtimes.

DDoS vs. DoS

As mentioned above, a DDoS attack is a type of DoS attack. The primary way to identify a DDoS attack compared to another type of DoS attack is to look at how the attack is being executed. In a DDoS attack, the incoming traffic flooding the victim originates from many different sources potentially hundreds of thousands or more. This effectively makes it impossible to stop the attack simply by blocking a single IP address; plus, it is very difficult to distinguish legitimate user traffic from attack traffic when spread across so many points of origin.

How DDoS attacks work

DDoS attacks are often accomplished by a Trojan Horse, a type of malware that’s disguised as an innocuous file or program. Once the attackers have compromised multiple devices and created a botnet, they then use a Command and Control (C2) server to attack the targeted system until it overloads and ultimately fails. The specific method of attack can vary.

Types of DDoS attacks

  • Volumetric attacks: Volumetric attacks usually consume bandwidth resources by creating a huge volume of traffic, which prevents legitimate users from accessing the target system. Types of volumetric attacks include DNS amplification, in which the attacker uses the target’s IP address when initiating a request for a large amount of data. This means the server is simultaneously sending and receiving the same data and subsequently becomes overwhelmed.
  • Protocol attacks: Protocol attacks target the network resources by overwhelming the firewall or load balancer, which is why they’re also sometimes called state-exhaustion attacks. Types of protocol attacks include SYN flooding, in which the attacker manipulates the 3-step handshake of a TCP connection until the network resources are consumed and no additional devices can establish a new connection.
  • Application layer attacks: Application layer attacks are used to deplete resources in the application layer. In these types of attacks, bots send several million complicated application requests simultaneously so the system gets overwhelmed very quickly. Types of application layer attacks include HTTP flooding, which is effectively similar to refreshing a browser repeatedly from numerous devices.

There are a number of measures users can put in place to prevent or mitigate the repercussions of a DDoS attack. Developing and regularly reevaluating a response plan and implementing multi-level threat management systems are valuable tactics that can prevent expensive downtimes as the result of a DDoS attack. It’s also important to monitor the network for any warning signs. Symptoms of an imminent DDoS attack include high volumes of traffic that:

  • Come from one IP address or range of IP addresses
  • Go to a single webpage
  • Come from a single common user characteristic (such as geolocation)
  • Occur at at unexpected times of day

 

Vangie Beal
Vangie Beal
Vangie Beal is a freelance business and technology writer covering Internet technologies and online business since the late '90s.
Get the Free Newsletter
Subscribe to Daily Tech Insider for top news, trends & analysis
This email address is invalid.
Get the Free Newsletter
Subscribe to Daily Tech Insider for top news, trends & analysis
This email address is invalid.

Related Articles

Virtual Private Network (VPN)

Communications Kaiti Norton - 0
A virtual private network (VPN) encrypts a device's Internet access through a secure server. It is most frequently used for remote employees accessing a...

Gantt Chart

Applications Abby Braden - 0
A Gantt chart is a type of bar chart that illustrates a project schedule and shows the dependency between tasks and the current schedule...

Input Sanitization

Security Webopedia Staff - 1
Input sanitization is a cybersecurity measure of checking, cleaning, and filtering data inputs from users, APIs, and web services of any unwanted characters and...

IT Asset Management Software

Applications Webopedia Staff - 0
IT asset management software (ITAM software) is an application for organizing, recording, and tracking all of an organization s hardware and software assets throughout...

Related Articles

Definitions

ScalaHosting

ScalaHosting is a leading managed hosting provider that offers secure, scalable, and affordable...
Read more
Development

HRIS

Human resources information system (HRIS) solutions help businesses manage multiple facets of their...
Read more
Definitions

Best Managed Service Providers...

In today's business world, managed services are more critical than ever. They can...
Read more

Webopedia is an online information technology and computer science resource for IT professionals, students, and educators. Webopedia focuses on connecting researchers with IT resources that are most helpful for them. Webopedia resources cover technology definitions, educational guides, and software reviews that are accessible to all researchers regardless of technical background.

Advertisers

Advertise with TechnologyAdvice on Webopedia and our other IT-focused platforms.

Advertise with Us

Menu

Our Brands

Property of TechnologyAdvice.
© 2022 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.